Monitoring Nagios: Difference between revisions
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
Team: | Team: | ||
Ilja Shustov, | Ilja Shustov, | ||
Sheela Raj | Sheela Raj |
Revision as of 13:56, 12 November 2016
Team: Ilja Shustov, Sheela Raj
Group : Cyber Security Engineering (C21)
Page Created: 10 November 2016
Last modified:
Introduction
In this article, we will cover the installation of Nagios, a very popular open source monitoring system, on Ubuntu. We will cover some basic configuration, so you will be able to monitor host resources via the web interface. We will also utilize the Nagios Remote Plugin Executor (NRPE), that will be installed as an agent on remote hosts, to monitor their local resources.
Monitoring
Before You Begin
Check your current Ubuntu version & Upgrade
You can check your current ubuntu version by the following command:
lsb_release -a
If your machine is already running Ubuntu 16.04.1 LTS or higher than that, There is no need for you to upgrade the OS.
Otherwise you need to upgrade the OS by the following command:
sudo apt-get update && sudo apt-get upgrade
Note:
This article is written for a non-root user. Commands that require elevated privileges are prefixed with sudo
. If you’re not familiar with the sudo
command, you can check the Users and Groups guide.
Install the required package
As a prerequisite, Nagios requires the gcc compiler and build-essentials for the compilation, LAMP (Apache, PHP, MySQL) for the Nagios web interface and Sendmail to send alerts from the server.
To install all those packages, run the following command (it's just 1 line):
sudo apt-get install wget build-essential apache2 php apache2-mod-php7.0 php-gd libgd-dev sendmail unzip
Create Users and Groups
Create a user nagios, and a distinct group nagcmd.
Add nagios and the Apache user www-data, to the nagcmd group in order to run external commands on Nagios through the web interface
Use the following command to create:
To create user:
sudo useradd nagios
To create group:
sudo groupadd nagcmd
To add user to the group:
sudo usermod -a -G nagcmd nagios && sudo usermod -a -G nagcmd www-data
Installing Nagios
Download and extract Nagios
In your web browser, go to the Nagios Core DIY download page.It will ask you to register, If you prefer not to register for updates, click Skip to download.
Under Nagios Core, find the release that says Latest stable release under Notes, then copy the download link to your clipboard.
Now using wget
and tar
, download the Nagios and extract it.
To download, paste the copied link after wget
:
wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.2.0.tar.gz
Command to extract:
tar -xzf nagios*.tar.gz
Now move to the newly created directory, by using the following command:
cd nagios-4.2.0
Compile Nagios
Before you build Nagios, you will have to configure it with the user and the group you have created earlier.
command to configure:
./configure --with-nagios-group=nagios --with-command-group=nagcmd
For more information please use: ./configure --help
Now compile Nagios with this command:
make all
To install Nagios
Now we can run these make commands to install Nagios, init scripts, and sample configuration files:
sudo make install
sudo make install-commandmode
sudo make install-init
sudo make install-config
/usr/bin/install -c -m 644 sample-config/httpd.conf /etc/apache2/sites-available/nagios.conf
And copy evenhandler directory to the nagios directory:
sudo cp -R contrib/eventhandlers/ /usr/local/nagios/libexec/
sudo chown -R nagios:nagios /usr/local/nagios/libexec/eventhandlers
Nagios Plugins
Nagios Plugins allow you to monitor services like DHCP, FTP, HTTP and NTP.
Download and extract the Nagios plugins
To use Nagios Plugins, go to Nagios Plugins downloads page and copy the download link for the current stable release.
Now using wget
and tar
, download and extract Nagios plugin.
Use the following command to move back into user's home directory:
cd ~
To download, paste the copied link after wget
:
wget https://nagios-plugins.org/download/nagios-plugins-2.1.2.tar.gz
Command to extract:
tar -xzf nagios-plugins*.tar.gz
Now Change to the newly created directory by the following command:
cd nagios-plugins-2.1.2/
Install Nagios plugins
Install the Nagios plugin's with the following commands:
./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl
make
sudo make install
Configure Nagios
Now let's perform the initial Nagios configuration.
Organize Nagios Configuration
Open the main Nagios configuration file in your favorite text editor(vim/nano).
We'll use nano to edit the file:
sudo nano /usr/local/nagios/etc/nagios.cfg
Now find and uncomment the following line by deleting the #:
#cfg_dir=/usr/local/nagios/etc/servers
Save and exit.
Now create the directory named servers that will store the configuration file for each server that you will monitor:
sudo mkdir /usr/local/nagios/etc/servers
Change the user and group for the new folder to nagios:
sudo chown nagios:nagios /usr/local/nagios/etc/servers
Configure Nagios Contacts
Open the Nagios contacts configuration in your favorite text editor(nano/vim).
We'll use nano to edit the file:
sudo nano /usr/local/nagios/etc/objects/contacts.cfg
Find the email directive, and replace its value with your own email address
Save and exit.
Configuring Apache
Enable Apache modules
Make sure Apache has mod_rewrite
and mod_cgi
enabled
Enable the Apache rewrite and cgi modules by the following command:
sudo a2enmod rewrite && sudo a2enmod cgi
You can use the htpasswd
command to configure a user nagiosadmin for the nagios web interface
sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
and type your password.
Enable the Nagios virtualhost
You can enable Nagios Virtualhost by the following command:
sudo ln -s /etc/apache2/sites-available/nagios.conf /etc/apache2/sites-enabled/
Start Apache and Nagios
Start the Apache and Nagios by the following command:
sudo service apache2 restart
sudo service nagios start
When Nagios starts, you may see the following error :
Starting nagios (via systemctl): nagios.serviceFailed
And you can fix it by:
cd /etc/init.d/
sudo cp /etc/init.d/skeleton /etc/init.d/nagios
Now edit the Nagios file by the following command:
sudo nano /etc/init.d/nagios
And add the following code:
DESC="Nagios"
NAME=nagios
DAEMON=/usr/local/nagios/bin/$NAME
DAEMON_ARGS="-d /usr/local/nagios/etc/nagios.cfg"
PIDFILE=/usr/local/nagios/var/$NAME.lock
Make it executable, restart apache2 and start Nagios:
sudo chmod +x /etc/init.d/nagios
sudo service apache2 restart
sudo servuce nagios start
Testing the Nagios Server
Open your favorite web browser, and go to your Nagios server (substitute the IP address or hostname)
(in my case: http://192.168.56.200/nagios).
Because we configured Apache to use htpasswd, you must enter the login credentials that you created earlier.
We used "nagiosadmin" as the username:
After authenticating, you will be see the default Nagios home page:
In the Homepage, click on the Hosts link, in the left navigation bar, to see which hosts Nagios is monitoring:
As you can see, Nagios is monitoring only "localhost", or itself.
Let's monitor another host with Nagios!
Adding a Host to Monitor
In this section, you can see how to add a ubuntu host to Nagios server, so it will be monitored.
Note: Here replace the IP with your Nagios server IP and Ubuntu Host IP
In my case:
Nagios Server IP : 192.168.56.200
Ubuntu Host IP : 192.168.56.100
Connect to ubuntu host
You can connect to Ubuntu host by using ssh
If you are not familiar with ssh use this Beginner’s Guide To Setting Up SSH On Linux
ssh student@192.168.56.100
Install NRPE Service
Now install Nagios Plugins and NRPE by following command:
sudo apt-get install nagios-nrpe-server nagios-plugins
Configure NRPE
Now, let's update the NRPE configuration file.
Open it in your favorite editor (we're using nano):
nano /etc/nagios/nrpe.cfg
Find the server_address directive, and add the private IP address of your Nagios server
In my case:
server_address=192.168.56.200
Save and exit.
Restart NRPE
Restart NRPE by following command:
sudo service nagios-nrpe-server restart
Add Ubuntu Host to Nagios Server
connect to the Nagios server:
ssh student@192.168.56.200
Then create a new file for the host configuration in /usr/local/nagios/etc/servers/.
nano /usr/local/nagios/etc/servers/ubuntu_host.cfg
Add the following lines:
# Ubuntu Host configuration file define host { use linux-server host_name ubuntu_host alias Ubuntu Host address 192.168.1.10 register 1 } define service { host_name ubuntu_host service_description PING check_command check_ping!100.0,20%!500.0,60% max_check_attempts 2 check_interval 2 retry_interval 2 check_period 24x7 check_freshness 1 contact_groups admins notification_interval 2 notification_period 24x7 notifications_enabled 1 register 1 } define service { host_name ubuntu_host service_description Check Users check_command check_local_users!20!50 max_check_attempts 2 check_interval 2 retry_interval 2 check_period 24x7 check_freshness 1 contact_groups admins notification_interval 2 notification_period 24x7 notifications_enabled 1 register 1 } define service { host_name ubuntu_host service_description Local Disk check_command check_local_disk!20%!10%!/ max_check_attempts 2 check_interval 2 retry_interval 2 check_period 24x7 check_freshness 1 contact_groups admins notification_interval 2 notification_period 24x7 notifications_enabled 1 register 1 } define service { host_name ubuntu_host service_description Check SSH check_command check_ssh max_check_attempts 2 check_interval 2 retry_interval 2 check_period 24x7 check_freshness 1 contact_groups admins notification_interval 2 notification_period 24x7 notifications_enabled 1 register 1 } define service { host_name ubuntu_host service_description Total Process check_command check_local_procs!250!400!RSZDT max_check_attempts 2 check_interval 2 retry_interval 2 check_period 24x7 check_freshness 1 contact_groups admins notification_interval 2 notification_period 24x7 notifications_enabled 1 register 1 }
You can find many check_command in /usr/local/nagios/etc/objects/commands.cfg file. See there if you want to add more services like DHCP, POP etc.
And now check the configuration:
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
... to see if the configuration is correct.
Restart all services
On the Ubuntu Host start NRPE Service:
sudo service nagios-nrpe-server restart
And on the Nagios server, start Apache and Nagios:
sudo service apache2 restart
sudo service nagios restart
Testing the Ubuntu Host
Open the Nagios server from the browser and see the ubuntu_host being monitored.
The Ubuntu host is available on monitored host.
All services monitored without error.
Summary
Reference
3- Install Nagios and monitor your servers on ubuntu
4- Nagios in 30 minutes and jumpstart your monitoring